author | Timo Teras <timo.teras@iki.fi> | 2009-07-27 16:20:51 +0300 |
---|---|---|
committer | Timo Teras <timo.teras@iki.fi> | 2009-07-27 16:20:51 +0300 |
commit | 31ee725d6273df8189ba96d55aa0e30d1a813398 (patch) | |
tree | 8bbc66e9ecebdb17aa4d9eb67c3da6e640b21f5c /main/openssl | |
parent | 4cbb938980019bb24322e4d8497e20aa7d862639 (diff) | |
main/openssl: fix padlock patch
there was a bug in sha context copying, that caused all hmac users
(and possibly others) to crash. also implemented a third
intermediate hashing mode with small buffer: it'll speed up
hashing in most cases considerably (packets / certificates to
be hashed are not usually too long).
Diffstat (limited to 'main/openssl')
-rw-r--r-- | main/openssl/APKBUILD | 2 | ||||
-rw-r--r-- | main/openssl/openssl-0.9.8k-padlock-sha.patch | 395 |
2 files changed, 159 insertions, 238 deletions
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index 46d1e064b4..4bf078a046 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=openssl pkgver=0.9.8k -pkgrel=3 +pkgrel=4 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url=http://openssl.org depends= diff --git a/main/openssl/openssl-0.9.8k-padlock-sha.patch b/main/openssl/openssl-0.9.8k-padlock-sha.patch index 63b27cea36..7a89f434cf 100644 --- a/main/openssl/openssl-0.9.8k-padlock-sha.patch +++ b/main/openssl/openssl-0.9.8k-padlock-sha.patch @@ -6,8 +6,8 @@ # Index: openssl-0.9.8k/crypto/engine/eng_padlock.c =================================================================== ---- openssl-0.9.8k.orig/crypto/engine/eng_padlock.c 2009-07-12 19:24:42.000000000 +0300 -+++ openssl-0.9.8k/crypto/engine/eng_padlock.c 2009-07-13 13:07:26.000000000 +0300 +--- openssl-0.9.8k.orig/crypto/engine/eng_padlock.c 2009-07-27 16:18:20.000000000 +0300 ++++ openssl-0.9.8k/crypto/engine/eng_padlock.c 2009-07-27 16:18:50.000000000 +0300 @@ -1,10 +1,13 @@ -/* +/* 
@@ -287,31 +287,35 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c encryption function itself. This function is not AES-specific. */ static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, -@@ -1157,6 +1214,470 @@ +@@ -1157,6 +1214,511 @@ #endif /* OPENSSL_NO_AES */ +#ifndef OPENSSL_NO_SHA + ++#define DIGEST_DATA(ctx) ((struct padlock_digest_data *)(ctx->md_data)) ++#define PADLOCK_SHA_ALIGN(dd) (uint32_t*)(((uintptr_t)(dd) + 15) & ~15) ++#define PADLOCK_SHA_PAGES 14 ++#define PADLOCK_SHA_BUFFER (1024 - sizeof(size_t) - 4*sizeof(void*)) ++#define PADLOCK_SHA_INITVECTOR_SIZE (8 * sizeof(uint32_t)) ++ +struct padlock_digest_data { -+ unsigned char output[128+16]; -+ uint64_t total; -+ -+ unsigned char *buffer; -+ size_t used; -+ size_t size; -+ -+ void (*hash)(struct padlock_digest_data *data, -+ const void *buf, size_t len); -+ int (*update)(EVP_MD_CTX *ctx, -+ const void *buffer, size_t len); -+ int (*final)(EVP_MD_CTX *ctx, unsigned char *buffer); ++ union { ++ unsigned char smallbuffer[PADLOCK_SHA_BUFFER]; ++ struct { ++ unsigned char padlockctx[128+16]; ++ unsigned char *buffer; ++ size_t mmap_size; ++ uint64_t total; ++ }; ++ }; ++ void *initvector; ++ size_t used; ++ void (*hash)(void *padlockctx, const void *buf, size_t len); ++ int (*update)(EVP_MD_CTX *ctx, const void *buffer, size_t len); ++ int (*final)(EVP_MD_CTX *ctx, unsigned char *buffer); +}; + -+#define DIGEST_DATA(ctx) ((struct padlock_digest_data *)(ctx->md_data)) -+#define DIGEST_DATA_OUTPUT(dd) (uint32_t*)(((uintptr_t)(dd->output) + 15) & ~15) -+#define PADLOCK_BUFFER_PAGES 14 -+ +static inline void * +padlock_atomic_xchg(volatile void **mem, void *fixed) +{ 
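Review bot: The anonymous union in `struct padlock_digest_data` overlays `smallbuffer` on `padlockctx`, `buffer`, `mmap_size` and `total`, and nothing in the hunk documents that. Any code that moves a context from the small-buffer mode to the mmap mode has to read `smallbuffer` out before it writes one of those four fields, and cleanup must not treat `buffer` as a pointer while the small buffer is in use. I would add a comment above the union such as `/* smallbuffer is valid only in copy mode; padlockctx is used in oneshot and multi mode, buffer/mmap_size/total in multi mode only */`. As a style point, `PADLOCK_SHA_ALIGN` lacks an outer pair of parentheses around its expansion and `DIGEST_DATA` uses `ctx` unparenthesized.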
@@ -327,22 +331,20 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c +} + +static void -+padlock_do_sha1(struct padlock_digest_data *data, const void *buf, size_t len) ++padlock_do_sha1(void *padlockctx, const void *buf, size_t len) +{ -+ uint32_t *output = DIGEST_DATA_OUTPUT(data); + asm volatile ( + "xsha1" -+ : "+S"(buf), "+D"(output) ++ : "+S"(buf), "+D"(padlockctx) + : "c"(len), "a"(0)); +} + +static void -+padlock_do_sha256(struct padlock_digest_data *data, const void *buf, size_t len) ++padlock_do_sha256(void *padlockctx, const void *buf, size_t len) +{ -+ uint32_t *output = DIGEST_DATA_OUTPUT(data); + asm volatile ( + "xsha256" -+ : "+S"(buf), "+D"(output) ++ : "+S"(buf), "+D"(padlockctx) + : "c"(len), "a"(0)); +} + @@ -350,7 +352,6 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c +handle_sigsegv(int sig, siginfo_t *info, void *uctxp) +{ + ucontext_t *uctx = uctxp; -+ + uctx->uc_mcontext.gregs[14] += 4; +} + @@ -360,8 +361,8 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + struct sigaction act, oldact; + size_t bofs = 0; + -+ if (data->used != data->size) { -+ bofs = data->size - data->used; ++ if (data->used != data->mmap_size) { ++ bofs = data->mmap_size - data->used; + memmove(&data->buffer[bofs], data->buffer, data->used); + } + @@ -369,7 +370,8 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + act.sa_sigaction = handle_sigsegv; + act.sa_flags = SA_SIGINFO; + sigaction(SIGSEGV, &act, &oldact); -+ data->hash(data, &data->buffer[bofs], data->used + 64); ++ data->hash(PADLOCK_SHA_ALIGN(data->padlockctx), ++ &data->buffer[bofs], data->used + 64); + sigaction(SIGSEGV, &oldact, NULL); +} + @@ -377,8 +379,9 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c +padlock_free_buffer(void *buf) +{ + buf = padlock_atomic_xchg(&padlock_cached_sha_buffer, buf); -+ if (buf != NULL) -+ munmap(buf, (PADLOCK_BUFFER_PAGES + 1) * getpagesize()); ++ if (buf != NULL) { ++ munmap(buf, (PADLOCK_SHA_PAGES + 1) * getpagesize()); ++ } +} + +static void * 
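Review bot: The `xsha1` and `xsha256` asm statements in `padlock_do_sha1` and `padlock_do_sha256` write the hash state through `padlockctx` and read the input through `buf`, but declare no `"memory"` clobber. `asm volatile` only keeps the statement from being removed; it does not tell the compiler that memory behind the two pointers is accessed, so once these small static functions are inlined the surrounding `memcpy` calls and state reads may be reordered or served from registers. Adding the clobber, `: "c"(len), "a"(0) : "memory");`, closes that. If the instruction also updates the count register, `len` would need to be an in/out operand as well; that is worth checking against the PadLock documentation.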
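Review bot: The `sigaction(SIGSEGV, &act, &oldact)` / `sigaction(SIGSEGV, &oldact, NULL)` pair around the `data->hash(...)` call changes a process-wide signal disposition from inside a library, which is not safe in a threaded process. While `handle_sigsegv` is installed, a fault in any other thread is also handled by adding 4 to the saved `gregs[14]` and resuming, and two threads hashing at once can restore each other's `oldact` in the wrong order and leave the handler installed. Neither `sigaction` return value is checked. The function starts before this hunk, so the initialisation of `act` is not visible; at minimum the handler should compare `info->si_addr` with the guard page of the buffer being hashed and defer to the previous action for any other address.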
@@ -392,7 +395,7 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + if (buf != NULL) + goto ret; + -+ size = (PADLOCK_BUFFER_PAGES + 1) * page; ++ size = (PADLOCK_SHA_PAGES + 1) * page; + buf = mmap(0, size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, 0, 0); + if (buf == NULL) @@ -402,13 +405,13 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + * we are over quota. */ + mlock(buf, size); + -+ if (mprotect(buf + PADLOCK_BUFFER_PAGES * page, page, PROT_NONE) < 0) { ++ if (mprotect(buf + PADLOCK_SHA_PAGES * page, page, PROT_NONE) < 0) { + munmap(buf, size); + return NULL; + } + +ret: -+ *maxsize = PADLOCK_BUFFER_PAGES * page - 64; ++ *maxsize = PADLOCK_SHA_PAGES * page - 64; + + return buf; +} @@ -419,24 +422,23 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); + size_t chunk_size; + -+ if (ddata->buffer == NULL) { -+ ddata->buffer = padlock_allocate_buffer(&ddata->size); -+ } ++ if (ddata->buffer == NULL) ++ ddata->buffer = padlock_allocate_buffer(&ddata->mmap_size); + + while (len) { -+ if (ddata->used + len < ddata->size) { ++ if (ddata->used + len < ddata->mmap_size) { + memcpy(&ddata->buffer[ddata->used], data, len); + ddata->used += len; + ddata->total += len; + return 1; + } + -+ chunk_size = ddata->size - ddata->used; ++ chunk_size = ddata->mmap_size - ddata->used; + memcpy(&ddata->buffer[ddata->used], data, chunk_size); + + data += chunk_size; + len -= chunk_size; -+ ddata->used = ddata->size; ++ ddata->used = ddata->mmap_size; + ddata->total += chunk_size; + padlock_sha_nonfinalizing(ddata); + ddata->used = 0; 
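Review bot: `if (buf == NULL)` directly after the `mmap()` call never detects a failed mapping, because `mmap` reports failure with `MAP_FAILED`, not `NULL`. As written, a failure is only caught, if at all, by the later `mprotect` call happening to fail on the bogus address, after `mlock` has already been called on it. The check should read `if (buf == MAP_FAILED)`, and `-1` is the portable descriptor argument with `MAP_ANONYMOUS`. The statement under the `if` and the start of the function are outside this hunk.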
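Review bot: The result of `padlock_allocate_buffer(&ddata->mmap_size)` is stored in `ddata->buffer` and used by the `memcpy` in the loop without a NULL check, although `padlock_allocate_buffer` has a `return NULL` path. An allocation failure therefore becomes a write through a null pointer in the middle of a digest update. `padlock_copy_update` in the `@@ -492,95 +509,119 @@` hunk has the same pattern with `memcpy(buffer, ddata->smallbuffer, ddata->used)`. Both should bail out first, e.g. `if (ddata->buffer == NULL) return 0;`. The signature of this update function is outside the hunk.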
@@ -450,10 +452,23 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c +{ + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); + size_t size = EVP_MD_CTX_size(ctx); -+ uint32_t *output = DIGEST_DATA_OUTPUT(ddata); + -+ padlock_htonl_block(output, size / sizeof(uint32_t)); -+ memcpy(md, output, size); ++ memcpy(md, PADLOCK_SHA_ALIGN(ddata->padlockctx), size); ++ return 1; ++} ++ ++static int ++padlock_copy_final(EVP_MD_CTX *ctx, unsigned char *md) ++{ ++ struct padlock_digest_data *ddata = DIGEST_DATA(ctx); ++ char padlockctx[128+16]; ++ void *aligned = PADLOCK_SHA_ALIGN(padlockctx); ++ size_t size = EVP_MD_CTX_size(ctx); ++ ++ memcpy(aligned, ddata->initvector, PADLOCK_SHA_INITVECTOR_SIZE); ++ ddata->hash(aligned, ddata->smallbuffer, ddata->used); ++ padlock_htonl_block(aligned, size / sizeof(uint32_t)); ++ memcpy(md, aligned, size); + + return 1; +} @@ -463,10 +478,12 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c +{ + static const char padding[64] = { 0x80, }; + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); ++ size_t mdsize = EVP_MD_CTX_size(ctx); ++ void *aligned = PADLOCK_SHA_ALIGN(ddata->padlockctx); + + if (ddata->used == ddata->total) { + /* Sweet, everything fits in one buffer. */ -+ ddata->hash(ddata, ddata->buffer, ddata->used); ++ ddata->hash(aligned, ddata->buffer, ddata->used); + } else { + /* Hardware already hashed some buffers. + * Do finalizing manually */ 
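Review bot: `padlock_copy_final` leaves the hash state in the stack array `padlockctx[128+16]` when it returns. For the HMAC users the commit message mentions, that state is derived from the key, so it should be wiped before the `return 1;`, e.g. `OPENSSL_cleanse(padlockctx, sizeof(padlockctx));` if that function is in scope in this file. A plain `memset` is not a substitute here, since the compiler may drop a store to a local that is dead afterwards.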
@@ -492,95 +509,119 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + /* And finally calculate it */ + padlock_sha_nonfinalizing(ddata); + } ++ padlock_htonl_block(aligned, mdsize / sizeof(uint32_t)); ++ memcpy(md, aligned, mdsize); + -+ return padlock_oneshot_final(ctx, md); ++ return 1; +} + +static int -+padlock_oneshot_update(EVP_MD_CTX *ctx, const void *data, size_t length) ++padlock_copy_update(EVP_MD_CTX *ctx, const void *data, size_t len) +{ + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); + -+ /* Oneshot update is only possible if context flags indicate so */ -+ if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { ++ if (ddata->used + len > sizeof(ddata->smallbuffer)) { + ddata->update = padlock_multi_update; + ddata->final = padlock_multi_final; -+ return padlock_multi_update(ctx, data, length); ++ ++ if (ddata->used != 0) { ++ void *buffer; ++ size_t mmap_size; ++ ++ buffer = padlock_allocate_buffer(&mmap_size); ++ memcpy(buffer, ddata->smallbuffer, ddata->used); ++ ddata->buffer = buffer; ++ ddata->total = ddata->used; ++ ddata->mmap_size = mmap_size; ++ } else { ++ ddata->buffer = NULL; ++ ddata->total = 0; ++ } ++ ++ memcpy(PADLOCK_SHA_ALIGN(ddata->padlockctx), ddata->initvector, ++ PADLOCK_SHA_INITVECTOR_SIZE); ++ ++ return padlock_multi_update(ctx, data, len); + } + -+ ddata->hash(ddata, data, length); ++ memcpy(&ddata->smallbuffer[ddata->used], data, len); ++ ddata->used += len; ++ + return 1; +} + -+static void ++static int ++padlock_oneshot_update(EVP_MD_CTX *ctx, const void *data, size_t len) ++{ ++ struct padlock_digest_data *ddata = DIGEST_DATA(ctx); ++ void *aligned = PADLOCK_SHA_ALIGN(ddata->padlockctx); ++ size_t mdsize = EVP_MD_CTX_size(ctx); ++ ++ /* Oneshot update is only possible if context flags indicate so */ ++ if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { ++ ddata->update = padlock_copy_update; ++ ddata->final = padlock_copy_final; ++ return padlock_copy_update(ctx, data, len); ++ } ++ ++ memcpy(aligned, ddata->initvector, 
PADLOCK_SHA_INITVECTOR_SIZE); ++ ddata->hash(aligned, data, len); ++ padlock_htonl_block(aligned, mdsize / sizeof(uint32_t)); ++ ddata->used += len; ++ ++ return 1; ++} ++ ++static int +padlock_sha_init(struct padlock_digest_data *ddata) +{ -+ ddata->total = 0; -+ ddata->buffer = NULL; -+ ddata->used = 0; -+ ddata->size = 0; -+ ddata->update = padlock_oneshot_update; -+ ddata->final = padlock_oneshot_final; ++ ddata->used = 0; ++ ddata->update = padlock_oneshot_update; ++ ddata->final = padlock_oneshot_final; ++ ++ return 1; +} + +static int +padlock_sha1_init(EVP_MD_CTX *ctx) +{ ++ static uint32_t sha1_initvector[8] = { ++ 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, ++ 0xC3D2E1F0 ++ }; + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); -+ uint32_t *output = DIGEST_DATA_OUTPUT(ddata); -+ -+ output[0] = 0x67452301; -+ output[1] = 0xEFCDAB89; -+ output[2] = 0x98BADCFE; -+ output[3] = 0x10325476; -+ output[4] = 0xC3D2E1F0; + -+ padlock_sha_init(ddata); + ddata->hash = padlock_do_sha1; -+ -+ return 1; ++ ddata->initvector = sha1_initvector; ++ return padlock_sha_init(ddata); +} + +static int +padlock_sha224_init(EVP_MD_CTX *ctx) +{ ++ static uint32_t sha224_initvector[] = { ++ 0xC1059ED8, 0x367CD507, 0x3070DD17, 0xF70E5939, ++ 0xFFC00B31, 0x68581511, 0x64F98FA7, 0xBEFA4FA4, ++ }; + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); -+ uint32_t *output = DIGEST_DATA_OUTPUT(ddata); -+ -+ output[0] = 0xC1059ED8UL; -+ output[1] = 0x367CD507UL; -+ output[2] = 0x3070DD17UL; -+ output[3] = 0xF70E5939UL; -+ output[4] = 0xFFC00B31UL; -+ output[5] = 0x68581511UL; -+ output[6] = 0x64F98FA7UL; -+ output[7] = 0xBEFA4FA4UL; -+ -+ padlock_sha_init(ddata); -+ ddata->hash = padlock_do_sha256; + -+ return 1; ++ ddata->hash = padlock_do_sha256; ++ ddata->initvector = sha224_initvector; ++ return padlock_sha_init(ddata); +} + +static int +padlock_sha256_init(EVP_MD_CTX *ctx) +{ ++ static uint32_t sha256_initvector[] = { ++ 0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, ++ 
0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19 ++ }; + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); -+ uint32_t *output = DIGEST_DATA_OUTPUT(ddata); -+ -+ output[0] = 0x6A09E667; -+ output[1] = 0xBB67AE85; -+ output[2] = 0x3C6EF372; -+ output[3] = 0xA54FF53A; -+ output[4] = 0x510E527F; -+ output[5] = 0x9B05688C; -+ output[6] = 0x1F83D9AB; -+ output[7] = 0x5BE0CD19; -+ -+ padlock_sha_init(ddata); -+ ddata->hash = padlock_do_sha256; + -+ return 1; ++ ddata->hash = padlock_do_sha256; ++ ddata->initvector = sha256_initvector; ++ return padlock_sha_init(ddata); +} + +static int 
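Review bot: The three init-vector tables (`sha1_initvector`, `sha224_initvector`, `sha256_initvector`) are declared `static uint32_t`, so they are writable data shared by every digest context through `ddata->initvector`. Nothing in the visible code writes to them, so they should be `static const uint32_t ...[8]`, with the struct member declared as `const void *initvector;`. That places them in read-only memory and turns an accidental write into a compile error. An explicit `[8]` on all three also documents that `PADLOCK_SHA_INITVECTOR_SIZE` bytes are copied from each, which for SHA-1 relies on the three zero-filled trailing words.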
@@ -601,26 +642,27 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c + struct padlock_digest_data *dfrom = DIGEST_DATA(from); + struct padlock_digest_data *dto = DIGEST_DATA(to); + -+ /* Copy the internal state */ -+ memcpy(DIGEST_DATA_OUTPUT(dto), DIGEST_DATA_OUTPUT(dfrom), 128); -+ dto->total = dfrom->total - dfrom->used; -+ dto->hash = dfrom->hash; -+ dto->used = 0; -+ -+ /* Try using oneshot update if possible */ -+ if (dfrom->used == dfrom->total) { -+ dto->update = padlock_oneshot_update; -+ dto->final = padlock_oneshot_final; -+ } else { -+ dto->update = padlock_multi_update; -+ dto->final = padlock_multi_final; ++ /* When we get here, dto is already a memcpied from dfrom, ++ * it's ok for all other cases except when data is on a separate ++ * mmapped area. It would be nice if we had a flag, if this is ++ * a "finalization copy", so we could do finalizing SHA here and ++ * store the result to *to precalculated. But there's no such ++ * flag as to is reset on copy. */ ++ if (dfrom->update == padlock_multi_update) { ++ /* Recopy the context, as they might have different alignment */ ++ memcpy(PADLOCK_SHA_ALIGN(dto->padlockctx), ++ PADLOCK_SHA_ALIGN(dfrom->padlockctx), ++ PADLOCK_SHA_INITVECTOR_SIZE); ++ ++ /* Update total, and copy the buffer */ ++ dto->total = dfrom->total - dfrom->used; ++ dto->buffer = NULL; ++ dto->used = 0; ++ dto->mmap_size = 0; ++ if (dfrom->used != 0) ++ padlock_sha_update(to, dfrom->buffer, dfrom->used); + } + -+ /* Copy pending data - one oneshot destination, this means finalizing -+ * the contents if we are still on the first iteration. */ -+ if (dfrom->buffer != NULL) -+ padlock_sha_update(to, dfrom->buffer, dfrom->used); -+ + return 1; +} + 
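Review bot: The aligned state is re-copied only when `dfrom->update == padlock_multi_update`, but the alignment problem named in the comment appears to apply to a context that has already run `padlock_oneshot_update` as well. That function leaves the finished digest at `PADLOCK_SHA_ALIGN(ddata->padlockctx)` and `padlock_oneshot_final` reads it back from the aligned address of its own context, so if the destination `md_data` sits at a different offset modulo 16 the byte-wise copy puts the digest in the wrong place. Whether a caller ever copies in that state is not visible from here; either handle it with the same re-copy or state in the comment why it cannot happen. The return value of `padlock_sha_update` is also dropped, and the function's signature is outside the hunk.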
@@ -629,9 +671,8 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c +{ + struct padlock_digest_data *ddata = DIGEST_DATA(ctx); + -+ if (ddata->buffer != NULL) ++ if (ddata->update == padlock_multi_update && ddata->buffer != NULL) + padlock_free_buffer(ddata->buffer); -+ ddata->buffer = NULL; + + return 1; +} @@ -758,7 +799,7 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c /* ===== Random Number Generator ===== */ /* * This code is not engaged. The reason is that it does not comply -@@ -1164,7 +1685,7 @@ +@@ -1164,7 +1726,7 @@ * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it * provide meaningful error control... */ @@ -767,7 +808,7 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c the raw PadLock RNG */ static int padlock_rand_bytes(unsigned char *output, int count) -@@ -1212,6 +1733,7 @@ +@@ -1212,6 +1774,7 @@ padlock_rand_bytes, /* pseudorand */ padlock_rand_status, /* rand status */ }; 
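Review bot: With `ddata->buffer = NULL;` removed, the cleanup callback leaves a stale pointer in the context after `padlock_free_buffer(ddata->buffer)`. `padlock_free_buffer` swaps its argument into `padlock_cached_sha_buffer` and unmaps whatever was cached before, so if cleanup can run twice on the same `md_data`, the second call would `munmap` the mapping that is sitting in the cache. The hunk does not show whether the EVP layer rules that out; keeping the reset inside the guarded branch, `{ padlock_free_buffer(ddata->buffer); ddata->buffer = NULL; }`, costs nothing. The buffer also returns to the cache with the hashed data still in it. The function's signature is outside the hunk.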
@@ -775,123 +816,3 @@ Index: openssl-0.9.8k/crypto/engine/eng_padlock.c #endif /* COMPILE_HW_PADLOCK */ -Index: openssl-0.9.8k/crypto/evp/p_sign.c -=================================================================== ---- openssl-0.9.8k.orig/crypto/evp/p_sign.c 2009-07-13 11:01:02.000000000 +0300 -+++ openssl-0.9.8k/crypto/evp/p_sign.c 2009-07-13 11:01:45.000000000 +0300 -@@ -5,21 +5,21 @@ - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. -- * -+ * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). -- * -+ * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. -- * -+ * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: -@@ -34,10 +34,10 @@ - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). -- * 4. If you include any Windows specific code (or a derivative thereof) from -+ * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" -- * -+ * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -@@ -49,7 +49,7 @@ - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. -- * -+ * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence -@@ -105,6 +105,7 @@ - return(0); - } - EVP_MD_CTX_init(&tmp_ctx); -+ M_EVP_MD_CTX_set_flags(&tmp_ctx,EVP_MD_CTX_FLAG_ONESHOT); - EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); - if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) - { -Index: openssl-0.9.8k/crypto/evp/p_verify.c -=================================================================== ---- openssl-0.9.8k.orig/crypto/evp/p_verify.c 2009-07-13 11:01:06.000000000 +0300 -+++ openssl-0.9.8k/crypto/evp/p_verify.c 2009-07-13 11:02:11.000000000 +0300 -@@ -5,21 +5,21 @@ - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. -- * -+ * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). 
-- * -+ * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. -- * -+ * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: -@@ -34,10 +34,10 @@ - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). -- * 4. If you include any Windows specific code (or a derivative thereof) from -+ * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" -- * -+ * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -@@ -49,7 +49,7 @@ - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. -- * -+ * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence -@@ -92,7 +92,8 @@ - } - - EVP_MD_CTX_init(&tmp_ctx); -- EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); -+ M_EVP_MD_CTX_set_flags(&tmp_ctx,EVP_MD_CTX_FLAG_ONESHOT); -+ EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); - if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) - { - EVP_MD_SVCTX sctmp; |